General
-
Target
23f49debee62d2ea96d91c2cf8c68e7f4bb16827696e4586b3e979be84bca631
-
Size
6KB
-
Sample
220328-elfcwsccaq
-
MD5
31f505685ab56e105729d6a60a7a6984
-
SHA1
1f6fb6b55cd9fbd42b0ca0ec5f8227d9f6973255
-
SHA256
23f49debee62d2ea96d91c2cf8c68e7f4bb16827696e4586b3e979be84bca631
-
SHA512
b1baaf13e79f3ef6000510ff4c2e90373105b7a8ffd53b3f9b06e2ae824c562f9e287e5319f2699a331de10717d65775307fb1e006b3d14d19cb82b5a39d119d
Malware Config
Targets
-
-
Target
23f49debee62d2ea96d91c2cf8c68e7f4bb16827696e4586b3e979be84bca631
-
Size
6KB
-
MD5
31f505685ab56e105729d6a60a7a6984
-
SHA1
1f6fb6b55cd9fbd42b0ca0ec5f8227d9f6973255
-
SHA256
23f49debee62d2ea96d91c2cf8c68e7f4bb16827696e4586b3e979be84bca631
-
SHA512
b1baaf13e79f3ef6000510ff4c2e90373105b7a8ffd53b3f9b06e2ae824c562f9e287e5319f2699a331de10717d65775307fb1e006b3d14d19cb82b5a39d119d
Score10/10-
sLoad
sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-